hrms-bangkok/hrms-api-eva
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

first

Browse source
This commit is contained in:
DESKTOP-2S5P7D1\Windows 10 2024-12-04 17:25:34 +07:00
commit 925c5d1ab2
60 changed files with 18843 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

84
src/interfaces/call-api.ts Normal file
View file

@ -0,0 +1,84 @@
import { Path } from "tsoa";
import axios from "axios";
import { addLogSequence } from "./utils";
class CallAPI {
//Get
public async GetData(request: any, @Path() path: any, log = true) {
const token = "Bearer " + request.headers.authorization.replace("Bearer ", "");
const url = process.env.API_URL + path;
try {
const response = await axios.get(url, {
headers: {
Authorization: `${token}`,
"Content-Type": "application/json",
api_key: process.env.API_KEY,
},
});
if(log) addLogSequence(request, {
action: "request",
status: "success",
description: "connected",
request: {
method: "GET",
url: url,
response: JSON.stringify(response.data.result),
},
});
return response.data.result;
} catch (error) {
if(log) addLogSequence(request, {
action: "request",
status: "error",
description: "unconnected",
request: {
method: "GET",
url: url,
response: JSON.stringify(error),
},
});
throw error;
}
}
//Post
public async PostData(request: any, @Path() path: any, sendData: any) {
const token = "Bearer " + request.headers.authorization.replace("Bearer ", "");
const url = process.env.API_URL + path;
try {
const response = await axios.post(url, sendData, {
headers: {
Authorization: `${token}`,
"Content-Type": "application/json",
api_key: process.env.API_KEY,
},
});
addLogSequence(request, {
action: "request",
status: "success",
description: "connected",
request: {
method: "POST",
url: url,
payload: JSON.stringify(sendData),
response: JSON.stringify(response.data.result),
},
});
return response.data.result;
} catch (error) {
addLogSequence(request, {
action: "request",
status: "error",
description: "unconnected",
request: {
method: "POST",
url: url,
payload: JSON.stringify(sendData),
response: JSON.stringify(error),
},
});
throw error;
}
}
}
export default CallAPI;

152
src/interfaces/extension.ts Normal file
View file

@ -0,0 +1,152 @@
class Extension {
public static ToThaiMonth(value: number) {
switch (value) {
case 1:
return "มกราคม";
case 2:
return "กุมภาพันธ์";
case 3:
return "มีนาคม";
case 4:
return "เมษายน";
case 5:
return "พฤษภาคม";
case 6:
return "มิถุนายน";
case 7:
return "กรกฎาคม";
case 8:
return "สิงหาคม";
case 9:
return "กันยายน";
case 10:
return "ตุลาคม";
case 11:
return "พฤศจิกายน";
case 12:
return "ธันวาคม";
default:
return "";
}
}
public static ToThaiShortMonth(value: number) {
switch (value) {
case 1:
return "ม.ค.";
case 2:
return "ก.พ.";
case 3:
return "มี.ค.";
case 4:
return "เม.ย.";
case 5:
return "พ.ค.";
case 6:
return "มิ.ย.";
case 7:
return "ก.ค.";
case 8:
return "ส.ค.";
case 9:
return "ก.ย.";
case 10:
return "ต.ค.";
case 11:
return "พ.ย.";
case 12:
return "ธ.ค.";
default:
return "";
}
}
public static ToThaiYear(value: number) {
if (value < 2400) return value + 543;
else return value;
}
public static ToCeYear(value: number) {
if (value >= 2400) return value - 543;
else return value;
}
public static ToThaiNumber(value: string) {
let arabicNumbers = "0123456789";
let thaiNumbers = "๐๑๒๓๔๕๖๗๘๙";
let result = "";
for (let digit of value) {
let index = arabicNumbers.indexOf(digit);
if (index >= 0) {
result += thaiNumbers[index];
} else {
result += digit;
}
}
return result;
}
public static ToThaiFullDate(value: Date) {
let yy = value.getFullYear() < 2400 ? value.getFullYear() + 543 : value.getFullYear();
return (
"วันที่ " +
value.getDate() +
" เดือน " +
Extension.ToThaiMonth(value.getMonth() + 1) +
" พ.ศ. " +
yy
);
}
public static ToThaiFullDate2(value: Date) {
let yy = value.getFullYear() < 2400 ? value.getFullYear() + 543 : value.getFullYear();
return value.getDate() + " " + Extension.ToThaiMonth(value.getMonth() + 1) + " " + yy;
}
public static ToThaiFullDate3(value: Date) {
let yy = value.getFullYear() < 2400 ? value.getFullYear() + 543 : value.getFullYear();
return value.getDate() + " เดือน " + Extension.ToThaiMonth(value.getMonth() + 1) + " พ.ศ. " + yy;
}
public static ToThaiShortDate(value: Date) {
let yy = value.getFullYear() < 2400 ? value.getFullYear() + 543 : value.getFullYear();
return (
"วันที่ " +
value.getDate() +
" " +
Extension.ToThaiShortMonth(value.getMonth() + 1) +
" " +
yy.toString().slice(-2)
);
}
public static ToThaiShortDate_noPrefix(value: Date) {
let yy = value.getFullYear() < 2400 ? value.getFullYear() + 543 : value.getFullYear();
return (
value.getDate() +
" " +
Extension.ToThaiShortMonth(value.getMonth() + 1) +
" " +
yy.toString().slice(-2)
);
}
public static ToThaiShortDate_monthYear(value: Date) {
let yy = value.getFullYear() < 2400 ? value.getFullYear() + 543 : value.getFullYear();
return (
value.getDate() + " เดือน " + Extension.ToThaiMonth(value.getMonth() + 1) + " พ.ศ. " + yy
);
}
public static sumObjectValues(array: any, propertyName: any) {
let sum = 0;
for (let i = 0; i < array.length; i++) {
if (array[i][propertyName] !== undefined) {
sum += array[i][propertyName];
}
}
return sum;
}
}
export default Extension;

19
src/interfaces/http-error.ts Normal file
View file

@ -0,0 +1,19 @@
import HttpStatus from "./http-status";
class HttpError extends Error {
/**
* HTTP Status Code
*/
status: HttpStatus;
message: string;
constructor(status: HttpStatus, message: string) {
super(message);
this.name = "HttpError";
this.status = status;
this.message = message;
}
}
export default HttpError;

380
src/interfaces/http-status.ts Normal file
View file

@ -0,0 +1,380 @@
/**
* Hypertext Transfer Protocol (HTTP) response status codes.
* @see {@link https://en.wikipedia.org/wiki/List_of_HTTP_status_codes}
*/
enum HttpStatus {
/**
* The server has received the request headers and the client should proceed to send the request body
* (in the case of a request for which a body needs to be sent; for example, a POST request).
* Sending a large request body to a server after a request has been rejected for inappropriate headers would be inefficient.
* To have a server check the request's headers, a client must send Expect: 100-continue as a header in its initial request
* and receive a 100 Continue status code in response before sending the body. The response 417 Expectation Failed indicates the request should not be continued.
*/
CONTINUE = 100,
/**
* The requester has asked the server to switch protocols and the server has agreed to do so.
*/
SWITCHING_PROTOCOLS = 101,
/**
* A WebDAV request may contain many sub-requests involving file operations, requiring a long time to complete the request.
* This code indicates that the server has received and is processing the request, but no response is available yet.
* This prevents the client from timing out and assuming the request was lost.
*/
PROCESSING = 102,
/**
* Standard response for successful HTTP requests.
* The actual response will depend on the request method used.
* In a GET request, the response will contain an entity corresponding to the requested resource.
* In a POST request, the response will contain an entity describing or containing the result of the action.
*/
OK = 200,
/**
* The request has been fulfilled, resulting in the creation of a new resource.
*/
CREATED = 201,
/**
* The request has been accepted for processing, but the processing has not been completed.
* The request might or might not be eventually acted upon, and may be disallowed when processing occurs.
*/
ACCEPTED = 202,
/**
* SINCE HTTP/1.1
* The server is a transforming proxy that received a 200 OK from its origin,
* but is returning a modified version of the origin's response.
*/
NON_AUTHORITATIVE_INFORMATION = 203,
/**
* The server successfully processed the request and is not returning any content.
*/
NO_CONTENT = 204,
/**
* The server successfully processed the request, but is not returning any content.
* Unlike a 204 response, this response requires that the requester reset the document view.
*/
RESET_CONTENT = 205,
/**
* The server is delivering only part of the resource (byte serving) due to a range header sent by the client.
* The range header is used by HTTP clients to enable resuming of interrupted downloads,
* or split a download into multiple simultaneous streams.
*/
PARTIAL_CONTENT = 206,
/**
* The message body that follows is an XML message and can contain a number of separate response codes,
* depending on how many sub-requests were made.
*/
MULTI_STATUS = 207,
/**
* The members of a DAV binding have already been enumerated in a preceding part of the (multistatus) response,
* and are not being included again.
*/
ALREADY_REPORTED = 208,
/**
* The server has fulfilled a request for the resource,
* and the response is a representation of the result of one or more instance-manipulations applied to the current instance.
*/
IM_USED = 226,
/**
* Indicates multiple options for the resource from which the client may choose (via agent-driven content negotiation).
* For example, this code could be used to present multiple video format options,
* to list files with different filename extensions, or to suggest word-sense disambiguation.
*/
MULTIPLE_CHOICES = 300,
/**
* This and all future requests should be directed to the given URI.
*/
MOVED_PERMANENTLY = 301,
/**
* This is an example of industry practice contradicting the standard.
* The HTTP/1.0 specification (RFC 1945) required the client to perform a temporary redirect
* (the original describing phrase was "Moved Temporarily"), but popular browsers implemented 302
* with the functionality of a 303 See Other. Therefore, HTTP/1.1 added status codes 303 and 307
* to distinguish between the two behaviours. However, some Web applications and frameworks
* use the 302 status code as if it were the 303.
*/
FOUND = 302,
/**
* SINCE HTTP/1.1
* The response to the request can be found under another URI using a GET method.
* When received in response to a POST (or PUT/DELETE), the client should presume that
* the server has received the data and should issue a redirect with a separate GET message.
*/
SEE_OTHER = 303,
/**
* Indicates that the resource has not been modified since the version specified by the request headers If-Modified-Since or If-None-Match.
* In such case, there is no need to retransmit the resource since the client still has a previously-downloaded copy.
*/
NOT_MODIFIED = 304,
/**
* SINCE HTTP/1.1
* The requested resource is available only through a proxy, the address for which is provided in the response.
* Many HTTP clients (such as Mozilla and Internet Explorer) do not correctly handle responses with this status code, primarily for security reasons.
*/
USE_PROXY = 305,
/**
* No longer used. Originally meant "Subsequent requests should use the specified proxy."
*/
SWITCH_PROXY = 306,
/**
* SINCE HTTP/1.1
* In this case, the request should be repeated with another URI; however, future requests should still use the original URI.
* In contrast to how 302 was historically implemented, the request method is not allowed to be changed when reissuing the original request.
* For example, a POST request should be repeated using another POST request.
*/
TEMPORARY_REDIRECT = 307,
/**
* The request and all future requests should be repeated using another URI.
* 307 and 308 parallel the behaviors of 302 and 301, but do not allow the HTTP method to change.
* So, for example, submitting a form to a permanently redirected resource may continue smoothly.
*/
PERMANENT_REDIRECT = 308,
/**
* The server cannot or will not process the request due to an apparent client error
* (e.g., malformed request syntax, too large size, invalid request message framing, or deceptive request routing).
*/
BAD_REQUEST = 400,
/**
* Similar to 403 Forbidden, but specifically for use when authentication is required and has failed or has not yet
* been provided. The response must include a WWW-Authenticate header field containing a challenge applicable to the
* requested resource. See Basic access authentication and Digest access authentication. 401 semantically means
* "unauthenticated",i.e. the user does not have the necessary credentials.
*/
UNAUTHORIZED = 401,
/**
* Reserved for future use. The original intention was that this code might be used as part of some form of digital
* cash or micro payment scheme, but that has not happened, and this code is not usually used.
* Google Developers API uses this status if a particular developer has exceeded the daily limit on requests.
*/
PAYMENT_REQUIRED = 402,
/**
* The request was valid, but the server is refusing action.
* The user might not have the necessary permissions for a resource.
*/
FORBIDDEN = 403,
/**
* The requested resource could not be found but may be available in the future.
* Subsequent requests by the client are permissible.
*/
NOT_FOUND = 404,
/**
* A request method is not supported for the requested resource;
* for example, a GET request on a form that requires data to be presented via POST, or a PUT request on a read-only resource.
*/
METHOD_NOT_ALLOWED = 405,
/**
* The requested resource is capable of generating only content not acceptable according to the Accept headers sent in the request.
*/
NOT_ACCEPTABLE = 406,
/**
* The client must first authenticate itself with the proxy.
*/
PROXY_AUTHENTICATION_REQUIRED = 407,
/**
* The server timed out waiting for the request.
* According to HTTP specifications:
* "The client did not produce a request within the time that the server was prepared to wait. The client MAY repeat the request without modifications at any later time."
*/
REQUEST_TIMEOUT = 408,
/**
* Indicates that the request could not be processed because of conflict in the request,
* such as an edit conflict between multiple simultaneous updates.
*/
CONFLICT = 409,
/**
* Indicates that the resource requested is no longer available and will not be available again.
* This should be used when a resource has been intentionally removed and the resource should be purged.
* Upon receiving a 410 status code, the client should not request the resource in the future.
* Clients such as search engines should remove the resource from their indices.
* Most use cases do not require clients and search engines to purge the resource, and a "404 Not Found" may be used instead.
*/
GONE = 410,
/**
* The request did not specify the length of its content, which is required by the requested resource.
*/
LENGTH_REQUIRED = 411,
/**
* The server does not meet one of the preconditions that the requester put on the request.
*/
PRECONDITION_FAILED = 412,
/**
* The request is larger than the server is willing or able to process. Previously called "Request Entity Too Large".
*/
PAYLOAD_TOO_LARGE = 413,
/**
* The URI provided was too long for the server to process. Often the result of too much data being encoded as a query-string of a GET request,
* in which case it should be converted to a POST request.
* Called "Request-URI Too Long" previously.
*/
URI_TOO_LONG = 414,
/**
* The request entity has a media type which the server or resource does not support.
* For example, the client uploads an image as image/svg+xml, but the server requires that images use a different format.
*/
UNSUPPORTED_MEDIA_TYPE = 415,
/**
* The client has asked for a portion of the file (byte serving), but the server cannot supply that portion.
* For example, if the client asked for a part of the file that lies beyond the end of the file.
* Called "Requested Range Not Satisfiable" previously.
*/
RANGE_NOT_SATISFIABLE = 416,
/**
* The server cannot meet the requirements of the Expect request-header field.
*/
EXPECTATION_FAILED = 417,
/**
* This code was defined in 1998 as one of the traditional IETF April Fools' jokes, in RFC 2324, Hyper Text Coffee Pot Control Protocol,
* and is not expected to be implemented by actual HTTP servers. The RFC specifies this code should be returned by
* teapots requested to brew coffee. This HTTP status is used as an Easter egg in some websites, including Google.com.
*/
I_AM_A_TEAPOT = 418,
/**
* The request was directed at a server that is not able to produce a response (for example because a connection reuse).
*/
MISDIRECTED_REQUEST = 421,
/**
* The request was well-formed but was unable to be followed due to semantic errors.
*/
UNPROCESSABLE_ENTITY = 422,
/**
* The resource that is being accessed is locked.
*/
LOCKED = 423,
/**
* The request failed due to failure of a previous request (e.g., a PROPPATCH).
*/
FAILED_DEPENDENCY = 424,
/**
* The client should switch to a different protocol such as TLS/1.0, given in the Upgrade header field.
*/
UPGRADE_REQUIRED = 426,
/**
* The origin server requires the request to be conditional.
* Intended to prevent "the 'lost update' problem, where a client
* GETs a resource's state, modifies it, and PUTs it back to the server,
* when meanwhile a third party has modified the state on the server, leading to a conflict."
*/
PRECONDITION_REQUIRED = 428,
/**
* The user has sent too many requests in a given amount of time. Intended for use with rate-limiting schemes.
*/
TOO_MANY_REQUESTS = 429,
/**
* The server is unwilling to process the request because either an individual header field,
* or all the header fields collectively, are too large.
*/
REQUEST_HEADER_FIELDS_TOO_LARGE = 431,
/**
* A server operator has received a legal demand to deny access to a resource or to a set of resources
* that includes the requested resource. The code 451 was chosen as a reference to the novel Fahrenheit 451.
*/
UNAVAILABLE_FOR_LEGAL_REASONS = 451,
/**
* A generic error message, given when an unexpected condition was encountered and no more specific message is suitable.
*/
INTERNAL_SERVER_ERROR = 500,
/**
* The server either does not recognize the request method, or it lacks the ability to fulfill the request.
* Usually this implies future availability (e.g., a new feature of a web-service API).
*/
NOT_IMPLEMENTED = 501,
/**
* The server was acting as a gateway or proxy and received an invalid response from the upstream server.
*/
BAD_GATEWAY = 502,
/**
* The server is currently unavailable (because it is overloaded or down for maintenance).
* Generally, this is a temporary state.
*/
SERVICE_UNAVAILABLE = 503,
/**
* The server was acting as a gateway or proxy and did not receive a timely response from the upstream server.
*/
GATEWAY_TIMEOUT = 504,
/**
* The server does not support the HTTP protocol version used in the request
*/
HTTP_VERSION_NOT_SUPPORTED = 505,
/**
* Transparent content negotiation for the request results in a circular reference.
*/
VARIANT_ALSO_NEGOTIATES = 506,
/**
* The server is unable to store the representation needed to complete the request.
*/
INSUFFICIENT_STORAGE = 507,
/**
* The server detected an infinite loop while processing the request.
*/
LOOP_DETECTED = 508,
/**
* Further extensions to the request are required for the server to fulfill it.
*/
NOT_EXTENDED = 510,
/**
* The client needs to authenticate to gain network access.
* Intended for use by intercepting proxies used to control access to the network (e.g., "captive portals" used
* to require agreement to Terms of Service before granting full Internet access via a Wi-Fi hotspot).
*/
NETWORK_AUTHENTICATION_REQUIRED = 511,
}
export default HttpStatus;

19
src/interfaces/http-success.ts Normal file
View file

@ -0,0 +1,19 @@
import { RequestWithUser } from "../middlewares/user";
import HttpStatus from "./http-status";
import { addLogSequence } from "./utils";
class HttpSuccess {
/**
* HTTP Status Code
*/
status: HttpStatus;
message: string;
result?: any;
constructor(result?: any) {
this.status = HttpStatus.OK;
this.message = "สำเร็จ";
this.result = result;
}
}
export default HttpSuccess;

269
src/interfaces/permission.ts Normal file
View file

@ -0,0 +1,269 @@
import axios from "axios";
import { RequestWithUser } from "../middlewares/user";
import CallAPI from "./call-api";
import HttpError from "./http-error";
import HttpStatus from "./http-status";
import { promisify } from "util";
class CheckAuth {
private redis = require("redis");
public async Permission(req: RequestWithUser, system: string, action: string) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return null;
}
return await new CallAPI()
.GetData(req, "/org/permission")
.then((x) => {
let permission = false;
let role = x.roles.find((x: any) => x.authSysId == system);
if (!role) throw "ไม่มีสิทธิ์เข้าระบบ";
if (role.attrOwnership == "OWNER") return "OWNER";
if (action.trim().toLocaleUpperCase() == "CREATE") permission = role.attrIsCreate;
if (action.trim().toLocaleUpperCase() == "DELETE") permission = role.attrIsDelete;
if (action.trim().toLocaleUpperCase() == "GET") permission = role.attrIsGet;
if (action.trim().toLocaleUpperCase() == "LIST") permission = role.attrIsList;
if (action.trim().toLocaleUpperCase() == "UPDATE") permission = role.attrIsUpdate;
if (permission == false) throw "ไม่มีสิทธิ์ใช้งานระบบนี้";
return role.attrPrivilege;
})
.catch((x) => {
if (x.status != undefined) {
throw new HttpError(x.status, x.message);
} else {
throw new HttpError(HttpStatus.FORBIDDEN, x);
}
});
}
public async PermissionOrg(req: RequestWithUser, system: string, action: string) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return {
root: null,
child1: null,
child2: null,
child3: null,
child4: null,
};
}
return await new CallAPI()
.GetData(req, `/org/permission/org/${system}/${action}`)
.then(async (x) => {
let privilege = x.privilege;
let data: any = {
root: [null],
child1: [null],
child2: [null],
child3: [null],
child4: [null],
privilege: [null],
};
let node = 4;
if (x.orgChild1Id == null) {
node = 0;
} else if (x.orgChild2Id == null) {
node = 1;
} else if (x.orgChild3Id == null) {
node = 2;
} else if (x.orgChild4Id == null) {
node = 3;
}
if (privilege == "OWNER") {
data = {
root: null,
child1: null,
child2: null,
child3: null,
child4: null,
privilege: "OWNER",
};
} else if (privilege == "ROOT") {
data = {
root: [x.orgRootId],
child1: null,
child2: null,
child3: null,
child4: null,
privilege: "ROOT",
};
} else if (privilege == "CHILD") {
data = {
root: node >= 0 ? [x.orgRootId] : null,
child1: node >= 1 ? [x.orgChild1Id] : null,
child2: node >= 2 ? [x.orgChild2Id] : null,
child3: node >= 3 ? [x.orgChild3Id] : null,
child4: node >= 4 ? [x.orgChild4Id] : null,
privilege: "CHILD",
};
} else if (privilege == "NORMAL") {
data = {
root: [x.orgRootId],
child1: [x.orgChild1Id],
child2: [x.orgChild2Id],
child3: [x.orgChild3Id],
child4: [x.orgChild4Id],
privilege: "NORMAL",
};
} else if (privilege == "SPECIFIC") {
}
return data;
})
.catch((x) => {
if (x.status != undefined) {
throw new HttpError(x.status, x.message);
} else {
throw new HttpError(HttpStatus.FORBIDDEN, x);
}
});
}
public async PermissionOrgByUser(
req: RequestWithUser,
system: string,
action: string,
profileId: string,
) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return true;
}
return await new CallAPI()
.GetData(req, `/org/permission/user/${system}/${action}/${profileId}`)
.then(async (x) => {
let org = x.org;
if (org.root != null) if (x.orgRootId != org.root[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child1 != null)
if (x.orgChild1Id != org.child1[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child2 != null)
if (x.orgChild2Id != org.child2[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child3 != null)
if (x.orgChild3Id != org.child3[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
if (org.child4 != null)
if (x.orgChild4Id != org.child4[0]) throw "ไม่มีสิทธิ์เข้าถึงข้อมูล";
return true;
})
.catch((x) => {
if (x.status != undefined) {
throw new HttpError(x.status, x.message);
} else {
throw new HttpError(HttpStatus.FORBIDDEN, x);
}
});
}
public async Workflow(req: RequestWithUser, id: string, sysName: string) {
if (
req.headers.hasOwnProperty("api_key") &&
req.headers["api_key"] &&
req.headers["api_key"] == process.env.API_KEY
) {
return null;
}
return await new CallAPI()
.PostData(req, "/org/workflow/keycloak/isofficer", {
refId: id,
sysName: sysName,
})
.then((x) => {
return true;
})
.catch((x) => {
return false;
});
}
public async checkOrg(token: any,keycloakId: string) {
const redisClient = await this.redis.createClient({
host: process.env.REDIS_HOST,
port: process.env.REDIS_PORT,
});
const getAsync = promisify(redisClient.get).bind(redisClient);
let reply = await getAsync("org_" + keycloakId);
if (reply != null) {
reply = JSON.parse(reply);
} else {
try {
const x = await new CallAPI().GetData(
{
headers: { authorization: token },
},
`/org/permission/checkOrg/${keycloakId}`,
false
);
const data = {
orgRootId: x.orgRootId,
orgChild1Id: x.orgChild1Id,
orgChild2Id: x.orgChild2Id,
orgChild3Id: x.orgChild3Id,
orgChild4Id: x.orgChild4Id,
};
return data;
} catch (error) {
console.error("Error calling API:", error);
throw error;
}
}
}
public async PermissionCreate(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "CREATE");
}
public async PermissionDelete(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "DELETE");
}
public async PermissionGet(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "GET");
}
public async PermissionList(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "LIST");
}
public async PermissionUpdate(req: RequestWithUser, system: string) {
return await this.Permission(req, system, "UPDATE");
}
public async PermissionOrgCreate(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "CREATE");
}
public async PermissionOrgDelete(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "DELETE");
}
public async PermissionOrgGet(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "GET");
}
public async PermissionOrgList(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "LIST");
}
public async PermissionOrgUpdate(req: RequestWithUser, system: string) {
return await this.PermissionOrg(req, system, "UPDATE");
}
public async PermissionOrgUserCreate(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "CREATE", profileId);
}
public async PermissionOrgUserDelete(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "DELETE", profileId);
}
public async PermissionOrgUserGet(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "GET", profileId);
}
public async PermissionOrgUserList(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "LIST", profileId);
}
public async PermissionOrgUserUpdate(req: RequestWithUser, system: string, profileId: string) {
return await this.PermissionOrgByUser(req, system, "UPDATE", profileId);
}
}
export default CheckAuth;

39
src/interfaces/storage-fs.ts Normal file
View file

@ -0,0 +1,39 @@
export interface StorageFolder {
/**
* @prop Full path to this folder. It is used as key as there are no files or directories at the same location.
*/
pathname: string;
/**
* @prop Directory / Folder name.
*/
name: string;
createdAt: string | Date;
createdBy: string | Date;
}
export interface StorageFile {
/**
* @prop Full path to this folder. It is used as key as there are no files or directories at the same location.
*/
pathname: string;
fileName: string;
fileSize: number;
fileType: string;
title: string;
description: string;
author: string;
category: string[];
keyword: string[];
metadata: Record<string, unknown>;
path: string;
upload: boolean;
updatedAt: string | Date;
updatedBy: string;
createdAt: string | Date;
createdBy: string;
}

37
src/interfaces/utils.ts Normal file
View file

@ -0,0 +1,37 @@
import { RequestWithUser } from "../middlewares/user";
export type DataDiff = {
before: any;
after: any;
};
export type LogSequence = {
action: string;
status: "success" | "error";
description: string;
query?: any;
request?: {
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
url?: string;
payload?: string;
response?: string;
};
};
export function setLogDataDiff(req: RequestWithUser, data: DataDiff) {
req.app.locals.logData.dataDiff = {
before: JSON.stringify(data.before),
after: JSON.stringify(data.after),
};
}
export function addLogSequence(req: RequestWithUser, data: LogSequence) {
if (!req?.app?.locals?.logData?.sequence) {
req.app.locals.logData.sequence = [];
}
req.app.locals.logData.sequence = req.app.locals.logData.sequence.concat(data);
}
export function editLogSequence(req: RequestWithUser, index: number, data: LogSequence) {
req.app.locals.logData.sequence[index] = data;
}